Overview
export_wallet() in src/commands/wallet.rs writes wallet data to a JSON file. If any exported wallets have unencrypted secret keys (wallets created without --encrypt), the backup JSON contains plaintext secret keys. The user believes they have a secure backup but the file is actually a plaintext secret key dump.
Resolution
Always encrypt backup files regardless of individual wallet encryption state. Use the same crypto::encrypt_secret infrastructure but apply it to the entire JSON payload rather than individual keys. Generate a random backup_id (UUID v4), prompt for a backup passphrase (with strength enforcement, always strict for exports), encrypt the full JSON using AES-256-GCM + Argon2, and store the result in a structured envelope: { "version": "2", "backup_id": "...", "encrypted_payload": "base64...", "kdf_params": {...} }. Update import_wallet to detect v2 backup envelopes and decrypt before parsing. For v1 backups (unencrypted JSON), emit a deprecation warning and recommend re-exporting. Add an integrity HMAC over the ciphertext to detect tampering. Make --strict the default for exports and require --no-strict to override. Print a clear warning if the output path is on a network-mounted filesystem.
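The envelope, export and import flow from the resolution, written out as an added Go example rather than the project's own Rust code. PBKDF2-HMAC-SHA256 stands in for Argon2 because Go's standard library lacks it; the kdf_params keys, the nonce-prefixed payload packing and the warning text are assumptions; and instead of a separate HMAC, the AES-GCM tag authenticates the ciphertext with backup_id bound as associated data, so a swapped or edited envelope fails on import.

```go
package main
import (
	"crypto/aes"; "crypto/cipher"; "crypto/hmac"; "crypto/rand"; "crypto/sha256"; "encoding/base64"; "encoding/json"; "errors"; "fmt"
)
type Envelope struct { // v2 layout from the resolution; kdf_params keys and the nonce||ciphertext packing are assumptions
	Version   string            `json:"version"`
	BackupID  string            `json:"backup_id"`
	Payload   string            `json:"encrypted_payload"` // base64(nonce || AES-256-GCM ciphertext+tag)
	KDFParams map[string]string `json:"kdf_params"`
}
const kdfIters = 100000 // PBKDF2-HMAC-SHA256 stands in for Argon2 (not in Go's stdlib); it plays the same role here.
func newGCM(passphrase string, salt []byte) (cipher.AEAD, error) {
	prf := func(d []byte) []byte { m := hmac.New(sha256.New, []byte(passphrase)); m.Write(d); return m.Sum(nil) }
	u := prf(append(append([]byte{}, salt...), 0, 0, 0, 1)) // PBKDF2 block 1: exactly 32 bytes, one AES-256 key
	key := append([]byte{}, u...)
	for i := 1; i < kdfIters; i++ {
		u = prf(u)
		for j := range key { key[j] ^= u[j] }
	}
	block, err := aes.NewCipher(key)
	if err != nil { return nil, err }
	return cipher.NewGCM(block)
}
// ExportBackup seals the whole wallet JSON, so a wallet created without --encrypt never reaches disk in plaintext.
func ExportBackup(walletJSON []byte, passphrase string) ([]byte, error) {
	rnd := make([]byte, 44) // 16-byte KDF salt, 12-byte GCM nonce, 16 random bytes for the backup_id
	if _, err := rand.Read(rnd); err != nil { return nil, err }
	salt, nonce, id := rnd[:16], rnd[16:28], rnd[28:]
	gcm, err := newGCM(passphrase, salt)
	if err != nil { return nil, err }
	id[6], id[8] = id[6]&0x0f|0x40, id[8]&0x3f|0x80 // UUID v4 version and variant bits
	env := Envelope{Version: "2", BackupID: fmt.Sprintf("%x-%x-%x-%x-%x", id[:4], id[4:6], id[6:8], id[8:10], id[10:]),
		KDFParams: map[string]string{"salt": base64.StdEncoding.EncodeToString(salt), "iters": fmt.Sprint(kdfIters)}}
	ct := gcm.Seal(append([]byte{}, nonce...), nonce, walletJSON, []byte(env.BackupID)) // backup_id bound as AAD; tag covers ciphertext
	env.Payload = base64.StdEncoding.EncodeToString(ct)
	return json.Marshal(env)
}
// ImportBackup detects the envelope version: v2 is decrypted, bare v1 JSON is accepted with a deprecation warning.
func ImportBackup(file []byte, passphrase string) (wallet []byte, warning string, err error) {
	var env Envelope
	if json.Unmarshal(file, &env) != nil || env.Version != "2" {
		return file, "v1 backup is unencrypted JSON; re-export to obtain an encrypted v2 backup", nil
	}
	salt, _ := base64.StdEncoding.DecodeString(env.KDFParams["salt"])
	blob, _ := base64.StdEncoding.DecodeString(env.Payload)
	gcm, err := newGCM(passphrase, salt)
	if err != nil || len(blob) < 12 { return nil, "", errors.New("malformed v2 envelope") }
	if wallet, err = gcm.Open(nil, blob[:12], blob[12:], []byte(env.BackupID)); err != nil { return nil, "", errors.New("wrong passphrase or tampered backup") }
	return wallet, "", nil
}
```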